Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/IiutlC1KL4o_3lFqnHhrYmUmnvA.roa
File: IiutlC1KL4o_3lFqnHhrYmUmnvA.roa (raw, json)
Hash identifier: AJV5kz6eKfJzVkXbN2AGAseoNUtAMfeJq+f5mSE4J6M=
Subject key identifier: 22:2B:AD:94:2D:4A:2F:8A:3F:DE:51:6A:9C:78:6B:62:65:26:9E:F0
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01853067C8A6682FA6B07530B232427553D4
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/IiutlC1KL4o_3lFqnHhrYmUmnvA.roa
Signing time: Tue 20 Dec 2022 16:39:46 +0000
ROA not before: Tue 20 Dec 2022 16:39:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60675
IP address blocks: 185.114.84.0/22 maxlen: 24
185.142.192.0/22 maxlen: 24
185.27.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:67:c8:a6:68:2f:a6:b0:75:30:b2:32:42:75:53:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 20 16:39:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=222bad942d4a2f8a3fde516a9c786b6265269ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fc:92:b0:de:fe:38:3e:dc:96:7c:aa:61:8b:
e2:c9:36:cb:ec:60:15:d8:41:3a:2a:7d:fb:99:61:
3a:33:d3:e0:d1:81:5e:3f:40:2d:9e:b0:fc:d5:18:
d3:d8:8a:20:33:6f:2e:6a:f4:33:41:00:4f:b1:c9:
3a:f6:8f:5e:53:eb:87:63:95:c0:4c:77:85:01:ae:
45:28:ca:f6:31:20:ef:99:17:67:66:21:e3:a4:14:
2d:3e:aa:6a:c3:ae:45:c0:4d:b5:ba:f5:cc:e0:14:
4b:43:7c:e9:81:f2:fb:9b:f0:6a:a4:27:87:0c:66:
4a:3a:c8:05:e5:56:78:c7:61:71:78:4d:f3:8a:92:
39:50:13:95:8f:04:6a:c6:94:39:52:38:11:51:8e:
7a:8f:53:2e:58:33:5d:6c:00:a7:65:02:9e:aa:bf:
3e:0a:a5:0a:e5:a6:0b:c4:da:ef:81:a2:bd:3f:91:
54:75:c1:89:a3:35:8d:b8:31:33:c9:ab:a8:31:a3:
c5:68:5d:d1:61:38:bd:b2:93:4e:ad:47:83:e7:44:
dc:82:ab:a6:d9:3a:22:4c:70:4e:37:af:d1:38:f9:
d5:19:a2:59:72:90:52:94:40:ca:0d:20:15:74:a5:
a1:1a:5c:67:c0:62:6b:19:6c:ff:e3:a2:84:df:20:
68:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2B:AD:94:2D:4A:2F:8A:3F:DE:51:6A:9C:78:6B:62:65:26:9E:F0
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/IiutlC1KL4o_3lFqnHhrYmUmnvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.136.0/22
185.114.84.0/22
185.142.192.0/22
Signature Algorithm: sha256WithRSAEncryption
88:7e:10:f7:ac:11:b6:4f:70:ab:ed:15:ad:e8:63:ab:ce:91:
ae:c0:15:ce:51:70:3f:01:84:ae:ec:51:02:9a:aa:f1:cc:48:
6c:7d:79:2c:ef:e9:18:32:34:b6:c3:7d:46:27:7e:76:74:9b:
2c:c6:f8:48:4f:bf:59:d6:a8:a9:7f:21:ec:09:3b:2a:8d:9d:
f5:98:fb:7a:db:5c:88:f8:d7:1f:c8:6e:b4:3c:d3:46:f2:0a:
e1:dd:57:73:64:6b:af:21:bc:b9:ae:f0:b7:71:ce:51:ba:87:
15:23:17:cc:58:91:24:94:dd:d3:3a:50:88:71:47:10:36:9c:
96:fe:7f:f1:15:11:c1:28:c2:c2:05:bf:c0:40:e4:87:8f:8c:
31:9e:32:8e:9e:e4:c7:0f:3b:19:a5:6f:77:54:8a:b6:57:1a:
09:d1:e1:e9:72:f1:1b:68:8d:3b:a7:94:e2:d5:53:45:44:f2:
71:84:92:2f:40:94:75:f5:29:34:a6:f5:75:27:4e:47:48:a9:
fd:1e:d2:14:80:aa:44:ea:d2:4a:e4:7b:5a:5e:1e:35:89:58:
91:21:a6:93:4b:0a:98:6b:f0:c6:13:15:2c:49:f3:1b:1f:7b:
3e:12:52:2e:90:d2:f7:28:87:74:cc:44:9a:75:f6:25:6c:98:
b5:86:d1:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUwZ8imaC+msHUwsjJCdVPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIwMTYzOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJiYWQ5NDJkNGEyZjhhM2ZkZTUxNmE5Yzc4NmI2MjY1MjY5ZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufySsN7+OD7clnyqYYviyTbL7GAV
2EE6Kn37mWE6M9Pg0YFeP0AtnrD81RjT2IogM28uavQzQQBPsck69o9eU+uHY5XA
THeFAa5FKMr2MSDvmRdnZiHjpBQtPqpqw65FwE21uvXM4BRLQ3zpgfL7m/BqpCeH
DGZKOsgF5VZ4x2FxeE3zipI5UBOVjwRqxpQ5UjgRUY56j1MuWDNdbACnZQKeqr8+
CqUK5aYLxNrvgaK9P5FUdcGJozWNuDEzyauoMaPFaF3RYTi9spNOrUeD50Tcgqum
2ToiTHBON6/ROPnVGaJZcpBSlEDKDSAVdKWhGlxnwGJrGWz/46KE3yBobQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCIrrZQtSi+KP95Rapx4a2JlJp7wMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvSWl1dGxDMUtMNG9fM2xGcW5IaHJZbVVtbnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRuIAwQC
uXJUAwQCuY7AMA0GCSqGSIb3DQEBCwUAA4IBAQCIfhD3rBG2T3Cr7RWt6GOrzpGu
wBXOUXA/AYSu7FECmqrxzEhsfXks7+kYMjS2w31GJ352dJssxvhIT79Z1qipfyHs
CTsqjZ31mPt621yI+NcfyG60PNNG8grh3VdzZGuvIby5rvC3cc5RuocVIxfMWJEk
lN3TOlCIcUcQNpyW/n/xFRHBKMLCBb/AQOSHj4wxnjKOnuTHDzsZpW93VIq2VxoJ
0eHpcvEbaI07p5Ti1VNFRPJxhJIvQJR19Sk0pvV1J05HSKn9HtIUgKpE6tJK5Hta
Xh41iViRIaaTSwqYa/DGExUsSfMbH3s+ElIukNL3KId0zESadfYlbJi1htE5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org